CyberSec.Space Logo
Back to CVE Browser

CVE-2013-6490

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0890%
EPSS Percentile27.63th
PublishedFeb 6, 2014
Last ModifiedApr 29, 2026

Vulnerability Description

The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.

Affected Platforms (CPE)

πŸ“¦
Pidgin

Pidgin

<= 2.10.7
πŸ“¦
Pidgin

Pidgin

= 2.0.0
πŸ“¦
Pidgin

Pidgin

= 2.0.1
πŸ“¦
Pidgin

Pidgin

= 2.0.2
πŸ“¦
Pidgin

Pidgin

= 2.1.0
πŸ“¦
Pidgin

Pidgin

= 2.1.1
πŸ“¦
Pidgin

Pidgin

= 2.2.0
πŸ“¦
Pidgin

Pidgin

= 2.2.1
πŸ“¦
Pidgin

Pidgin

= 2.2.2
πŸ“¦
Pidgin

Pidgin

= 2.3.0
πŸ“¦
Pidgin

Pidgin

= 2.3.1
πŸ“¦
Pidgin

Pidgin

= 2.4.0
πŸ“¦
Pidgin

Pidgin

= 2.4.1
πŸ“¦
Pidgin

Pidgin

= 2.4.2
πŸ“¦
Pidgin

Pidgin

= 2.4.3
πŸ“¦
Pidgin

Pidgin

= 2.5.0
πŸ“¦
Pidgin

Pidgin

= 2.5.1
πŸ“¦
Pidgin

Pidgin

= 2.5.2
πŸ“¦
Pidgin

Pidgin

= 2.5.3
πŸ“¦
Pidgin

Pidgin

= 2.5.4
πŸ“¦
Pidgin

Pidgin

= 2.5.5
πŸ“¦
Pidgin

Pidgin

= 2.5.6
πŸ“¦
Pidgin

Pidgin

= 2.5.7
πŸ“¦
Pidgin

Pidgin

= 2.5.8
πŸ“¦
Pidgin

Pidgin

= 2.5.9
πŸ“¦
Pidgin

Pidgin

= 2.6.0
πŸ“¦
Pidgin

Pidgin

= 2.6.1
πŸ“¦
Pidgin

Pidgin

= 2.6.2
πŸ“¦
Pidgin

Pidgin

= 2.6.3
πŸ“¦
Pidgin

Pidgin

= 2.6.4
πŸ“¦
Pidgin

Pidgin

= 2.6.5
πŸ“¦
Pidgin

Pidgin

= 2.6.6
πŸ“¦
Pidgin

Pidgin

= 2.7.0
πŸ“¦
Pidgin

Pidgin

= 2.7.1
πŸ“¦
Pidgin

Pidgin

= 2.7.2
πŸ“¦
Pidgin

Pidgin

= 2.7.3
πŸ“¦
Pidgin

Pidgin

= 2.7.4
πŸ“¦
Pidgin

Pidgin

= 2.7.5
πŸ“¦
Pidgin

Pidgin

= 2.7.6
πŸ“¦
Pidgin

Pidgin

= 2.7.7
πŸ“¦
Pidgin

Pidgin

= 2.7.8
πŸ“¦
Pidgin

Pidgin

= 2.7.9
πŸ“¦
Pidgin

Pidgin

= 2.7.10
πŸ“¦
Pidgin

Pidgin

= 2.7.11
πŸ“¦
Pidgin

Pidgin

= 2.8.0
πŸ“¦
Pidgin

Pidgin

= 2.9.0
πŸ“¦
Pidgin

Pidgin

= 2.10.0
πŸ“¦
Pidgin

Pidgin

= 2.10.1
πŸ“¦
Pidgin

Pidgin

= 2.10.2
πŸ“¦
Pidgin

Pidgin

= 2.10.3
πŸ“¦
Pidgin

Pidgin

= 2.10.4
πŸ“¦
Pidgin

Pidgin

= 2.10.5
πŸ“¦
Pidgin

Pidgin

= 2.10.6

References & Advisories

πŸ”— http://hg.pidgin.im/pidgin/main/rev/6bd2dd10e5da
πŸ”— http://www.debian.org/security/2014/dsa-2859
πŸ”— http://www.pidgin.im/news/security/?id=84
πŸ”— http://www.securityfocus.com/bid/65195
πŸ”— http://www.ubuntu.com/usn/USN-2100-1
πŸ”— https://rhn.redhat.com/errata/RHSA-2014-0139.html
πŸ”— http://hg.pidgin.im/pidgin/main/rev/6bd2dd10e5da
πŸ”— http://www.debian.org/security/2014/dsa-2859

Related Vulnerabilities

CVE-2009-269410.0

The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2...

CVE-2016-10000309.8

Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values ...

CVE-2015-88339.8

Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr pl...

CVE-2009-24049.3

Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Fir...